Filters an array of HTML snippets
public purifyArray ( string[] $array_of_html, HTMLPurifier_Config $config = null ) : string[] | ||
$array_of_html | string[] | Array of html snippets |
$config | HTMLPurifier_Config | Optional config object for this operation. See HTMLPurifier::purify() for more details. |
return | string[] | Array of purified HTML |
/** * {@inheritDoc} */ public function purifyArray($contents, $config = null) { if (!is_array($contents) && !$contents instanceof \Traversable) { throw new \BadMethodCallException('Argument 1 must be an array of strings'); } if ($config && !$config instanceof ConfigurationInterface) { throw new \BadMethodCallException(sprintf('Argument 2 must be an instance of %s\\ConfigurationInterface or null', __NAMESPACE__)); } return parent::purifyArray($contents, $config); }
include "includes/ldap.inc.php"; include "includes/ihm.inc.php"; $action=""; if ( count($_GET)>0 || count($_POST)>0 ) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if ( count($_GET)>0) $uid=$purifier->purify($_GET['cn']); if (count($_POST)>0 ) { $uid=$purifier->purify($_POST['cn']); $action=$purifier->purify($_POST['action']); if ( isset($_POST['delrights']) ) $delrights=$purifier->purifyArray($_POST['delrights']); if ( isset($_POST['newrights']) ) $newrights=$purifier->purifyArray($_POST['newrights']); } } header_html(); $filtre = "8_".$uid; aff_trailer ("3"); if (ldap_get_right("lcs_is_admin",$login)=="Y") { // Ajoute un droit if ($action == "AddRights") { // Inscription des droits dans l'annuaire
include "includes/ldap.inc.php"; include "includes/ihm.inc.php"; $intitule=""; $filter=array(); if ( count($_POST)>0 ) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if ( isset($_POST['cn'])) $cn=$purifier->purify($_POST['cn']); if ( isset($_POST['description'])) $description=$purifier->purify($_POST['description']); if ( isset($_POST['intitule'])) $intitule=$purifier->purify($_POST['intitule']); if ( isset($_POST['action'])) $action=$purifier->purify($_POST['action']); if ( isset($_POST['classe_gr'])) $classe_gr=$purifier->purifyArray($_POST['classe_gr']); if ( isset($_POST['equipe_gr'])) $equipe_gr=$purifier->purifyArray($_POST['equipe_gr']); if ( isset($_POST['autres_gr'])) $autres_gr=$purifier->purifyArray($_POST['autres_gr']); } header_html(); aff_trailer ("8"); if (is_admin("Annu_is_admin",$login)=="Y") { if (isset($classe_gr)) for ($loop=0; $loop < count ($classe_gr) ; $loop++) { $filter[$loop]=$classe_gr[$loop]; } $index=$loop; if (isset($equipe_gr))for ($loop=0; $loop < count ($equipe_gr) ; $loop++) { $filter[$index+$loop]=$equipe_gr[$loop]; }
$login=$_SESSION['login']; include "../lcs/includes/headerauth.inc.php"; include "includes/ldap.inc.php"; include "includes/ihm.inc.php"; if ( count($_POST)>0 ) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if ( isset($_POST['right'])) $right=$purifier->purify($_POST['right']); if ( isset($_POST['filtrecomp'])) $filtrecomp=$purifier->purify($_POST['filtrecomp']); if ( isset($_POST['delete_right'])) $delete_right=$purifier->purify($_POST['delete_right']); if ( isset($_POST['type'])) $type=$purifier->purify($_POST['type']); if ( count($_POST['old_rights'])>0) $old_rights=$purifier->purifyArray($_POST['old_rights']); } header_html(); if (ldap_get_right("lcs_is_admin",$login)=="Y") { aff_trailer ("1"); // Affichage du formulaire de selection des droits if (!isset($right)) { echo "<H3>Sélection du droit à retirer</H3>"; $list_rights=search_machines("objectclass=groupOfNames","rights"); if ( count($list_rights)>0) { echo "<FORM action=\"delete_right.php\" method=\"post\">\n"; echo "<SELECT NAME=\"right\" SIZE=\"1\">"; for ($loop=0; $loop < count($list_rights); $loop++) {
include "includes/check-token.php"; if (!check_acces()) exit; $login=$_SESSION['login']; include "../lcs/includes/headerauth.inc.php"; include "includes/ldap.inc.php"; include "includes/ihm.inc.php"; if ( count($_GET)>0 || count($_POST)>0 ) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if ( count($_POST['new_uids'])>0 ) $new_uids=$purifier->purifyArray($_POST['new_uids']); if ( isset($_POST['cn'])) $cn = $purifier->purify($_POST['cn']); elseif ( isset($_GET['cn'])) $cn = $purifier->purify($_GET['cn']); if ( isset($_POST['add_list_users_group'])) $add_list_users_group=$purifier->purify($_POST['add_list_users_group']); } header_html(); aff_trailer ("31"); if (is_admin("Annu_is_admin",$login)=="Y") { if ( !$add_list_users_group ) { echo "<H4>Ajouter des membres au groupe : $cn</H4>\n"; // cas d'un groupe de type Equipe if ( mb_ereg ("Equipe_", $cn) ) { // Recherche de la liste des uid des membres de ce groupe
include "../Annu/includes/ldap.inc.php"; include "../Annu/includes/ihm.inc.php"; # constante $path2bl="/var/lib/squidguard/db/blacklists/lcs/"; $path2wl="/var/lib/squidguard/db/whitelists/"; // Initialisation variables : // Methode POST if (count($_POST)>0) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if (isset($_POST['list_del']))$list_del = $purifier->purifyArray($_POST['list_del']); if (isset($_POST['list_add']))$list_add = $purifier->purify($_POST['list_add']); if (isset($_POST['raz_db']))$raz_db = $purifier->purify($_POST['raz_db']); if (isset($_POST['webmail']))$webmail = $purifier->purify($_POST['webmail']); if (isset($_POST['forums']))$forums = $purifier->purify($_POST['forums']); if (isset($_POST['audiovideo']))$audiovideo = $purifier->purify( $_POST['audiovideo']); if (isset($_POST['blog']))$blog = $purifier->purify($_POST['blog']); if (isset($_POST['ads']))$ads = $purifier->purify($_POST['ads']); if (isset($_POST['malware']))$malware = $purifier->purify($_POST['malware']); if (isset($_POST['marketingware']))$marketingware = $purifier->purify($_POST['marketingware']); if (isset($_POST['phishing']))$phishing= $purifier->purify($_POST['phishing']); if (isset($_POST['redirecteurs']))$redirecteurs = $purifier->purify($_POST['redirecteurs']); if (isset($_POST['bl']))$bl =$purifier->purify( $_POST['bl']); if (isset($_POST['modif_status']))$modif_status = $purifier->purify($_POST['modif_status']); if (isset($_POST['action']))$action = $purifier->purify($_POST['action']); }
/** * Filters an array of HTML snippets/documents to be XSS-free and standards-compliant. * * @access public * @param array $a_array_of_html HTML snippet/document * @return array Array of HTML snippets/documents * @final * */ public final function purifyArray(array $a_array_of_html, $a_config = null) { return $this->oPurifier->purifyArray($a_array_of_html, $a_config); }
$msg_confirm .= "<a href=\"ldap_cleaner.php?do=4&phase=1&jeton=".md5($_SESSION['token'].htmlentities($_SERVER['PHP_SELF']))."\" target=\"main\">Nettoyage !</a>"; $sambadomain=search_sambadomain (); echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n"; echo "<HTML>\n"; echo " <HEAD>\n"; echo " <TITLE>...::: Interface d'administration Serveur LCS :::...</TITLE>\n"; // Initialisation variables : $PHP_SELF = $_SERVER['PHP_SELF']; // Methode POST $filtre = (isset($_POST['filtre'])) ? $purifier->purify($_POST['filtre']) : ""; $filter_type = (isset($_POST['filter_type'])) ? $purifier->purify($_POST['filter_type']) :""; $nbr =(isset($_POST['nbr'])) ? $purifier->purify( $_POST['nbr']):""; if ( isset($_POST['cat']) )$cat = $purifier->purifyArray($_POST['cat']); // Methodes POST ou GET if ( isset($_POST['phase']) ) $phase = $purifier->purify($_POST['phase']); elseif ( isset($_GET['phase']) ) $phase = $purifier->purify($_GET['phase']); else $phase=""; if ( isset($_POST['do']) ) $do = $purifier->purify($_POST['do']); elseif ( isset($_GET['do']) ) $do = $purifier->purify($_GET['do']); else $do=""; // Redirection vers phase suivante, gestion du sablier ### DEBUG echo "debug1 do:$do phase:$phase<br>";
Distribue selon les termes de la licence GPL Derniere modification : 04/04/2014 ============================================= */ include "../Annu/includes/check-token.php"; if (!check_acces()) exit; $login=$_SESSION['login']; $phase=""; if (count($_POST)>0 || count($_GET)>0) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if (count($_POST)>0 ) { $vides_gr=$purifier->purifyArray($_POST['vides_gr']); $valider=$purifier->purify($_POST['valider']); } if (count($_GET)>0) $phase=$purifier->purify($_GET['phase']); } include ("../lcs/includes/headerauth.inc.php"); include ("../Annu/includes/ldap.inc.php"); include ("../Annu/includes/ihm.inc.php"); $html = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n"; $html .= " <HTML>\n"; $html .= " <HEAD>\n"; $html .= " <TITLE>...::: Interface d'administration Serveur LCS :::...</TITLE>\n"; $html .= " <LINK href='../Annu/style.css' rel='StyleSheet' type='text/css'>\n"; echo $html;
if (!check_acces()) exit; $login=$_SESSION['login']; include "../lcs/includes/headerauth.inc.php"; include "includes/ldap.inc.php"; include "includes/ihm.inc.php"; $members=array(); if ( count($_GET)>0 || count($_POST)>0 ) { //configuration objet include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php"); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); //purification des variables if ( isset($_POST['cn'])) $cn=$purifier->purify($_POST['cn']); elseif ( isset($_GET['cn'])) $cn=$purifier->purify($_GET['cn']); if (isset($_POST['members'])) $members=$purifier->purifyArray($_POST['members']); if ( isset($_POST['group_del_user'])) $group_del_user=$purifier->purify($_POST['group_del_user']); } header_html(); aff_trailer ("31"); if (is_admin("Annu_is_admin",$login)=="Y") { if ( $cn !="Eleves" && $cn !="Profs" && $cn !="Administratifs" ) { $uids = search_uids ("(cn=".$cn.")", "half"); $people = search_people_groups ($uids,"(sn=*)","cat"); echo "<h4>Modification des membres du groupe $cn</h4>\n"; if ( !isset($group_del_user) || ( isset($group_del_user) && !count($members) ) ) { ?> <form action="del_user_group.php" method="post"> <p>Sélectionnez les membres à supprimer :</p> <p><select size="5" name="<? echo "members[]"; ?>" multiple="multiple">